英文:
Upgraded Traefik and now K8s Ingress Controller isn't working
问题
I had previously installed Traefik 2 via Helm on my K8s cluster at home. 我之前在家里的K8s集群上通过Helm安装了Traefik 2。
I don't remember the specific version but I know it was some version of Traefik 2. 我不记得具体版本,但我知道它是Traefik 2的某个版本。
My cluster is actually several Raspberry Pis where I installed Kubernetes with K3s. 我的集群实际上是由几台树莓派组成的,我在上面使用K3s安装了Kubernetes。
For many months it had been working great. 多个月来,它一直运行得很好。
When I created Services with Ingress objects, Traefik would detect this and act like a load balancer, exposing the service to a specific host name. 当我创建带有Ingress对象的服务时,Traefik会检测到并像负载均衡器一样运行,将服务暴露给特定的主机名。
Today I ran a job that was apparently a little too resource-intensive because it evicted the Traefik pods for OOM errors. 今天我运行了一个工作任务,显然占用了过多资源,因为它因OOM错误而驱逐了Traefik的Pod。
Even after killing the large job, the Traefik pods didn't come back up on their own, so I uninstalled Traefik (via helm uninstall) and then used Helm to install the latest version (2.9.10). 即使杀死了这个大的任务,Traefik的Pod也没有自行恢复,所以我卸载了Traefik(通过helm uninstall),然后使用Helm安装了最新版本(2.9.10)。
In particular I used the following command to install it (where I substituted 1.2.3.4 with my real IP): 特别是我使用了以下命令来安装它(其中我用我的真实IP替代了1.2.3.4):
helm upgrade --install traefik --set dashboard.enabled=true --set rbac.enabled=true --set="service.externalIPs={1.2.3.4}" --set="additionalArguments={--api=true,--log.level=INFO,--providers.kubernetesingress.ingressclass=traefik-internal,--serversTransport.insecureSkipVerify=true}" traefik/traefik
However, although Traefik is now running without any obvious errors, the Ingress Controller functionality doesn't seem to work. 但是,尽管Traefik现在运行正常且没有明显错误,但Ingress控制器功能似乎不起作用。
When I look at the Traefik dashboard under Services, I see api@internal, dashboard@internal, noop@internal, ping@internal, and prometheus@internal... but nothing else. 当我查看服务下的Traefik仪表板时,我只看到api@internal,dashboard@internal,noop@internal,ping@internal和prometheus@internal...但没有其他内容。
Previously I saw services listed there on the dashboard to correspond to each Ingress object I had defined. 以前,我在仪表板上看到了列出的服务,对应于我定义的每个Ingress对象。
I can post the full YAML of any of my Ingress objects if desired, but suffice it to say that all of them have the kubernetes.io/ingress.class: traefik annotation defined. 如果需要,我可以发布任何Ingress对象的完整YAML文件,但可以说所有这些对象都定义了kubernetes.io/ingress.class: traefik注释。
Has something changed with the most recent version of Traefik? 最近版本的Traefik有什么变化吗?我使用的helm upgrade --install命令与多个月前使用的相同。但正如我所说,这次Ingress控制器功能似乎不再起作用。
英文:
I had previously installed Traefik 2 via Helm on my K8s cluster at home. I don't remember the specific version but I know it was some version of Traefik 2. My cluster is actually several Raspberry Pis where I installed Kubernetes with K3s. For many months it had been working great. When I created Services with Ingress objects, Traefik would detect this and act like a load balancer, exposing the service to a specific host name.
Today I ran a job that was apparently a little too resource intensive because it evicted the Traefik pods for OOM errors. Even after killing the large job, the Traefik pods didn't come back up on their own, so I uninstalled Traefik (via helm uninstall) and then used Helm to install the latest version (2.9.10). In particular I used the following command to install it (where I substitued 1.2.3.4 with my real IP):
helm upgrade --install traefik --set dashboard.enabled=true --set rbac.enabled=true --set="service.externalIPs={1.2.3.4}" --set="additionalArguments={--api=true,--log.level=INFO,--providers.kubernetesingress.ingressclass=traefik-internal,--serversTransport.insecureSkipVerify=true}" traefik/traefik
However, although Traefik is now running without any obvious errors, the Ingress Controller functionality doesn't seem to work. When I look at the Traefik dashboard under Services, I see api@internal, dashboard@internal, noop@internal, ping@internal, and prometheus@internal... but nothing else. Previously I saw services listed there on the dashboard to correspond to each Ingress object I had defined. I can post the full YAML of any of my Ingress objects if desired, but suffice it to say that all of them have the kubernetes.io/ingress.class: traefik annotation defined.
Has something changed with the most recent version of Traefik? The helm upgrade --install command that I used is identical to the one I used many months ago. But like I said, this time around the Ingress Controller functionality no longer seems to work.
答案1
得分: 1
因为您在helm安装命令的额外参数中提供了--providers.kubernetesingress.ingressclass=traefik-internal,所以它"不起作用",而traefik文档中对于这个参数指出,只有具有注释kubernetes.io/ingress.class: traefik-internal的Ingress对象才会被处理。
然而,您的Ingress对象的注释是kubernetes.io/ingress.class: traefik,这就是为什么它"不再起作用"的原因。
要解决这个问题,您可以运行带有调整参数的helm升级命令:
helm upgrade --install traefik --set dashboard.enabled=true --set rbac.enabled=true --set="service.externalIPs={1.2.3.4}" --set="additionalArguments={--api=true,--log.level=INFO,--serversTransport.insecureSkipVerify=true}" traefik/traefik
这将使traefik处理所有没有注释、具有空值或值为traefik的Ingress对象。
如果您想要更加严格,那么可以使用以下命令:
helm upgrade --install traefik --set dashboard.enabled=true --set rbac.enabled=true --set="service.externalIPs={1.2.3.4}" --set="additionalArguments={--api=true,--log.level=INFO,--providers.kubernetesingress.ingressclass=traefik,--serversTransport.insecureSkipVerify=true}" traefik/traefik
英文:
It "doesn't work" because you provided in your additional arg --providers.kubernetesingress.ingressclass=traefik-internal in your helm install command and traefik docs for this argument says that with this arg specified, only Ingress object with annotation kubernetes.io/ingress.class: traefik-internal will be processed.
However, your Ingress objects' annotation is kubernetes.io/ingress.class: traefik -- that's why it "no longer works".
To resolve this, you can run the helm upgrade command you ran with adjusted args:
helm upgrade --install traefik --set dashboard.enabled=true --set rbac.enabled=true --set="service.externalIPs={1.2.3.4}" --set="additionalArguments={--api=true,--log.level=INFO,--serversTransport.insecureSkipVerify=true}" traefik/traefik
This will make traefik process all Ingress objects without the annotation, having an empty value, or the value traefik
If you wanna be restrictive, then
helm upgrade --install traefik --set dashboard.enabled=true --set rbac.enabled=true --set="service.externalIPs={1.2.3.4}" --set="additionalArguments={--api=true,--log.level=INFO,--providers.kubernetesingress.ingressclass=traefik,--serversTransport.insecureSkipVerify=true}" traefik/traefik
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论